这次使用腾讯证书的jks
进入tomcat文件夹的conf目录修改配置文件server.
?
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/zm.zhuibike.com.jks" //证书位置
certificateKeystorePassword="l005n7un54m" //证书密码
certificateKeyAlias="zm.zhuibike.com" //尽量与域名一样
scheme="https"
secure="true"
type="RSA" />
</SSLHostConfig>
</Connector>
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
配置conf文件夹下的web.xml 配置http强制转换为https
首先下拉到文件最下方,再web-app节点里添加以下代码
<security-constraint>
<web-resource-collection >
<web-resource-name >SSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
pfx证书配置
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="ssl/证书名称.pfx"
certificateKeystorePassword="密码"
certificateKeystoreType="PKCS12"
/>
</SSLHostConfig>
</Connector>